The project includes the integration of previous work, the implementation of new programmer-friendly capability system calls, improvements to the Casper Capsicum service daemon, and the sandboxing of various security-sensitive applications.

“My previous Capsicum work focused on improving the framework itself to make it a better fit for real-world applications. This new project will make use of the improved Capsicum to secure sensitive programs and libraries found in FreeBSD. The project will also produce many examples for others to follow, allowing them to take advantage of Capsicum to improve the security of their programs,”

said Pawel.

Ben Laurie, of Google’s security team, added that

“traditional operating system security is based on Access Control Lists (ACLs). Decades of experience have made it quite clear this is the wrong model – but how can we move to a better way without having to rebuild everything? Capsicum shows that it is possible to migrate gradually from the broken ACL world to a more robust capability-based world. We are pleased to be involved in the next step of its evolution.”